| From: | "Zeugswetter Andreas SB SD" <ZeugswetterA(at)spardat(dot)at> |
|---|---|
| To: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Justin Clift" <justin(at)postgresql(dot)org>, "Christopher Kings-Lynne" <chriskl(at)familyhealth(dot)com(dot)au>, "Vince Vielhaber" <vev(at)michvhf(dot)com>, <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in |
| Date: | 2002-08-22 09:21:22 |
| Message-ID: | 46C15C39FEB2C44BA555E356FBCD6FA4961E5D@m0114.s-mxs.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> > Ok, now I vote, that you don't implement "any" and use "opaque".
> > I don't think we want two types that do the same thing.
> > Is it that you like the name "any" more than "opaque" ?
>
> No, it's that I want to deprecate "opaque" so that we can catch old
> uses that should not be there anymore. If you look at your code and
> you decide that "any" is the correct semantics, then fine: change
> "opaque" to "any" and the warnings will go away. But relatively few
> existing uses of "opaque" really mean "any", and I don't want the
> people who are using "opaque" to mean "cstring", "trigger", etc
> to keep using "opaque" for those other purposes. The idea here is
> to force a security review.
That is what I have been trying to say, imho "any" should have the same
NOTICE as opaque has, since it is potentially dangerous.
I would suggest a warning NOTICE for opaque and not depricate it.
Imho the NOTICE should *not* go away.
If we want "any" in the future, it should imho always be passed a "safe"
Datum that includes type info. This will allow us to create a type "any"
that does not have the pitfalls of opaque.
Andreas
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sir Mordred The Traitor | 2002-08-22 10:20:12 | Re: Upcoming Beta |
| Previous Message | Oleg Bartunov | 2002-08-22 08:16:47 | Re: Theoretical XML & ltree Question |